The biggest problem of DeFi-focused altcoin projects is malicious hackers chasing vulnerabilities in protocols. So much so that thousands of users are victimized every month, and we have even seen the teams behind altcoin projects conduct “rug pull” or “honey pot” operations. The latest hack is Flurry Finance…
Another DeFi altcoin project is the latest victim of cybercriminals
Multiple reports indicate that approximately $290,000 was stolen from Flurry Finance vault contracts, as well as all rhoToken smart contracts on its platform. It also claims to have suspended all rhoToken smart contracts on Polygon and Binance Smart Chain (BSC).
According to the investigation, the hacker has created a stake for RhoToken against Binance stablecoin. PancakeSwap created the pair and started a malicious contract on the protocol (BUSD). The malicious contract code known as “FlurryRebaseUpkeep.performUpkeep()” relies on all RhoToken update multipliers. The illegal update took the form of a “flash loan” and all tokens from the bank contract were not refunded, resulting in a low balance and a low multiplier. The attacker later returned the loan. Reports reveal that the hacker executed a second transaction, this time depositing tokens with a lower multiplier and then updating the multiplier to a higher amount.
The multiplier was then used to withdraw money
As the multiplier was one of the main reasons for the growth in the RhoToken balance, the attacker’s balance also increased. As a result, they were able to get more out of the pool than they deserved, and the practice was repeated many times, resulting in more than $290,000 in losses. It is worth noting that the attackers only target FinanceRabbit Strategy. Flurry Finance said that all smart contract activity is paused for RhoTokens across all networks to prevent problems from getting worse. It was also stated that investigations are continuing and an update will be made as soon as possible. During the operation, FLURRY experienced 20% volume loss. It can be seen from the chart below that it has found buyers again at low prices.
streams crypto hacking on DeFi platforms
Hackers are always on the prowl looking for flaws in various decentralized financial ventures. Malicious hackers take millions of dollars every year not only from sensitive businesses but also from investors. In cryptokoin.com news, we reported that hackers stole 4,828 Binance Coins (BNB) from Titano Finance, many of which were rug pulls.